CVE-2002-0372
Published Jul 3, 2002
Last updated 6 years ago
Overview
- Description
- Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player".
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:windows_media_player:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CDD85BA-0CDA-4EF2-A447-84A4F7B94B3A"
},
{
"criteria": "cpe:2.3:a:microsoft:windows_media_player:6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CE4EC55-63B7-409E-9E4D-DBC5A36D2F5A"
},
{
"criteria": "cpe:2.3:a:microsoft:windows_media_player:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C66EBE04-CE6A-4B81-BC09-60DC5DB121E3"
}
],
"operator": "OR"
}
]
}
]